Exemplo n.º 1
0
def test_check_password(user_account):
    user = user_account()
    user.set_password("CORRECT_PASSWORD")
    user.save(update_fields=("password", ))

    with pytest.raises(WrongPasswordError):
        PasswordService.check_password(user, "INCORRECT_PASSWORD")
Exemplo n.º 2
0
def test_send_reset_password_link_success(settings, user_account, mocker):
    user = user_account()
    domain_name = "test_send_reset_password_link_success.com"
    signature = "signature"
    site = Site.objects.create(domain=domain_name, name=domain_name)
    settings.SITE_ID = site.pk
    mocked_generate_reset_password_signature = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}._generate_reset_password_signature",
        return_value=signature)
    mocked_send_notification = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}._send_notification")

    PasswordService.send_reset_password_link(user.email)

    mocked_generate_reset_password_signature.assert_called_once_with(user)
    mocked_send_notification.assert_called_once_with(
        user.pk,
        {
            "user_notification_salutation":
            "Dear user",
            "domain_name":
            domain_name,
            "reset_password_link":
            f"https://{domain_name}/reset-password/{signature}",
        },
    )
Exemplo n.º 3
0
class RegistrationSerializer(serializers.ModelSerializer):
    email = serializers.EmailField(write_only=True, max_length=128)
    password = serializers.CharField(write_only=True, max_length=128)
    first_name = serializers.CharField(required=True, max_length=30)
    last_name = serializers.CharField(required=True, max_length=30)
    birthdate = serializers.DateField(required=True, format="%d-%m-%Y", input_formats=["%d-%m-%Y", "iso-8601"])

    class Meta:
        model = UserAccount
        fields = ("email", "first_name", "last_name", "password", "birthdate")

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.password_service = PasswordService()

    def validate_email(self, email):
        if UserAccount.objects.filter(email=email).exists():
            raise ValidationError(gettext("Could not create account with this email."))
        return super().validate(email)

    def validate_password(self, new_password):
        try:
            self.password_service.validate_password(new_password)
        except InvalidPasswordError as e:
            raise serializers.ValidationError(e.messages) from e
        return new_password

    def save(self, **kwargs):
        self.instance = super().save(**kwargs)
        raw_password = self.validated_data.get("password")
        self.instance.set_password(raw_password)
        self.instance.save()
        return self.instance
Exemplo n.º 4
0
def test_reset_password_success(user_account, mocker):
    new_password = "******"  # nosec
    user = user_account()
    reset_password_signature = TimestampSigner().sign(user.pk)
    mocked_change_password = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}.change_password")

    PasswordService.reset_password(reset_password_signature, new_password)

    mocked_change_password.assert_called_once_with(user, new_password)
Exemplo n.º 5
0
def test_reset_password_user_failure(mocker):
    new_password = "******"  # nosec
    assert UserAccount.objects.count() == 0
    reset_password_signature = TimestampSigner().sign(1)
    mocked_change_password = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}.change_password")

    with pytest.raises(InvalidResetPasswordSignatureError):
        PasswordService.reset_password(reset_password_signature, new_password)

    assert mocked_change_password.call_count == 0
Exemplo n.º 6
0
def test_send_reset_password_link_failure(mocker):
    assert UserAccount.objects.count() == 0
    mocked_generate_reset_password_signature = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}._generate_reset_password_signature")
    mocked_send_notification = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}._send_notification")

    PasswordService.send_reset_password_link("*****@*****.**")

    assert mocked_generate_reset_password_signature.call_count == 0
    assert mocked_send_notification.call_count == 0
Exemplo n.º 7
0
def test_reset_password_signature_failure(mocker, settings, exception):
    new_password = "******"  # nosec
    reset_password_signature = "reset_password_signature"  # nosec
    mocker.patch("django.core.signing.TimestampSigner.unsign",
                 side_effect=exception("Some message"))
    settings.KRENAK_API_RESET_PASSWORD_EXPIRATION_DELTA = 42
    mocked_change_password = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}.change_password")

    with pytest.raises(InvalidResetPasswordSignatureError):
        PasswordService.reset_password(reset_password_signature, new_password)

    assert mocked_change_password.call_count == 0
Exemplo n.º 8
0
def test_change_password(user_account):
    old_password = "******"  # nosec
    new_password = "******"  # nosec

    user = user_account()
    user.set_password(old_password)
    user.save(update_fields=("password", ))
    assert user.check_password(old_password)

    PasswordService.change_password(user, new_password)

    user.refresh_from_db()
    assert user.check_password(new_password)
Exemplo n.º 9
0
def test_generate_reset_password_signature(user_account):
    user = user_account()
    expected_reset_password_signature = TimestampSigner().sign(user.pk)

    assert PasswordService._generate_reset_password_signature(
        user) == expected_reset_password_signature
Exemplo n.º 10
0
def test_validate_password(mocker):
    mocker.patch("django.contrib.auth.password_validation.validate_password",
                 side_effect=ValidationError("exception"))

    with pytest.raises(InvalidPasswordError):
        PasswordService.validate_password("SOME_PASSWORD")
Exemplo n.º 11
0
 def __init__(self, *args, **kwargs):
     super().__init__(*args, **kwargs)
     self.password_service = PasswordService()